add oauth2 password authentication

[p5n]

Fix #25894

[kesselb]

This change looks wrong/incomplete. According to https://oauth.net/2/grant-types/password/ grant_type=password exchange username and password for a access token. This change calls getToken and passes $password as $tokenId. So $password ist actually the tokenId?

https://doc.dovecot.org/configuration_manual/authentication/oauth2/#proxy-with-password-grant seems the use case for this pull request.

@p5n your users are using a token already to authenticate with dovecot? And you need a way to validate that the token is valid?

[p5n]

I was able to set up test instance with dovecot mechanisms = plain login

Users can authenticate and get mail with username and application password, created on settings/security page.

I am sure that it is incomplete (I implemented only part required to make dovecot work) and maybe it is wrong.

[szaimen]

@p5n would you be willing to implement it correctly?

[p5n]

I'll try, but not sure when I can do it

[sorbaugh]

Hello @p5n, reading through the PR it seems unfortunately you didn't find the time to complete the PR and it got caught in our cleanup. Please feel free to reopen (or create a new PR) if you ever feel like tackling this again. We would be happy about that! :)

[p5n]

Hi, yes, it can be closed, I read RFCs and not sure that it is right approach. I implemented it only to connect with dovecot